Privacy Policy

Last updated: March 2026

Bemura ("we", "our", "the Service") helps you tailor resumes and manage job applications. This policy explains what data we collect, how we process it, and your rights regarding your personal information.

Data We Collect

We collect only the data necessary to provide the Service:

  • Account information: name, email address, and hashed password (or Google OAuth profile)
  • Resume content: the text and structured data of resumes you create or import, including contact details, work history, education, and skills
  • Job descriptions: job posting text you provide for tailoring and scoring
  • Cover letters: text and structured data of cover letters you create or generate
  • Application tracking data: job titles, company names, statuses, scores, and notes

How We Use Your Data

  • Resume tailoring: your resume content (excluding contact details) and job descriptions are processed by AI to generate tailored versions. Contact information is extracted locally on our server and never sent to the AI provider.
  • ATS and match scoring: your resume content (excluding contact details) is analyzed against job descriptions
  • Cover letter generation: your resume content (excluding contact details) and job descriptions are used to generate cover letters
  • Application tracking: your job details and linked documents are stored to help you manage applications

Third-Party AI Processing

We use the Anthropic Claude API to power AI features such as resume tailoring, scoring, cover letter generation, and application analysis. When your data is sent to Anthropic:

  • Your data is not used to train AI models. Anthropic's API terms prohibit using customer data for model training.
  • Personal contact information (name, email, phone number, physical address, and profile URLs) is always stripped before any data is sent to the AI provider. Contact details are extracted locally on our server using pattern matching and are never transmitted to third parties.
  • Only the minimum data necessary for each feature is sent. All AI functions receive only your professional content — skills, experience, education, and job descriptions — never your personal contact details.

Other Third-Party Services

  • Stripe (payment processing): receives only your email address and a user ID for billing purposes. No resume or application data is shared with Stripe.
  • PostHog (analytics): collects anonymized usage data (page views, feature usage counts, session duration). All form inputs are masked in session recordings. No resume text, job descriptions, or personal information is captured.

Legal Basis for Processing

We process your personal data under the following legal bases (GDPR Article 6):

  • Consent (Art. 6(1)(a)): analytics cookies and session recordings are only activated when you give explicit consent via the cookie banner.
  • Contract (Art. 6(1)(b)): processing your resume data, job descriptions, and application tracking is necessary to provide the Service you signed up for.
  • Legitimate Interest (Art. 6(1)(f)): security measures such as rate limiting, logging failed authentication attempts, and fraud prevention.

Data Retention

We retain your data as follows:

  • Account data: retained until you delete your account
  • Resumes, cover letters, and applications: retained until you delete them or your account. You can configure automatic deletion (30–365 days) in Settings.
  • AI generation history: retained per your data retention setting (configurable in Settings), or until account deletion
  • Analytics data: retained per PostHog's data retention policy (typically 12 months). No analytics data is collected without your consent.
  • Server logs: retained for up to 30 days for debugging and security purposes. Logs never contain resume or job description text.

Cookies

We use the following cookies:

  • Session cookie (next-auth.session-token): essential — required for authentication. Cannot be disabled.
  • Locale cookie (NEXT_LOCALE): essential — stores your language preference (EN/DE).
  • Theme cookie (bemura-theme): essential — stores your light/dark mode preference.
  • Consent cookie (bemura-consent): essential — records your cookie preferences.
  • PostHog cookies: analytics — only set after you accept analytics cookies via the consent banner.

Subprocessors & Data Transfers

We use the following third-party service providers to operate the Service:

  • Anthropic (San Francisco, US) — AI processing. Resume and job text only (no PII). Standard Contractual Clauses apply.
  • Stripe (San Francisco, US) — Payment processing. Email and billing data only. Stripe is PCI DSS Level 1 certified.
  • PostHog (EU hosting available) — Analytics. Anonymized usage data only, with consent. All inputs masked.
  • Resend (US) — Transactional email. Email address only. Used for verification, password reset, and job notifications.
  • Hetzner (Nuremberg, DE) — Server hosting. All application data is stored on EU-based infrastructure.

Data Storage & Security

Your data is stored in a database isolated per user on EU-based infrastructure (Hetzner, Germany). Passwords are hashed using bcrypt. API keys and secrets are stored as environment variables and never exposed to the client. All data transmission uses HTTPS.

Your Rights

Under the GDPR, you have the following rights. We will respond to requests within 30 days.

  • Right of access: you can view and export all your stored data through Settings > Export Data
  • Right of rectification: you can edit your data at any time through the application
  • Right of erasure: you can delete individual items or your entire account via Settings. Account deletion permanently removes all associated data.
  • Right of data portability: you can export all your data as JSON via Settings > Export Data, and export resumes/cover letters as PDF or DOCX
  • Right to restrict processing: you can disable analytics tracking via Settings or the cookie consent banner
  • Right to object: you can opt out of analytics at any time via Settings > Privacy & Analytics

Contact & Data Protection

For questions about this privacy policy, data protection requests, or to exercise your rights, please email [DATA_PROTECTION_EMAIL]. We aim to respond within 30 days.